Latin America. It is a fact that 5G technology represents one of the next advances within the Internet of Things (IoT) environment and, although the date of its implementation is not known with certainty, the truth is that cybersecurity specialists point out that attention must be paid to protecting the devices, connections and data that are going to be generated, as pointed out by Julia Urbina-Pineda, lecturer and consultant specialized in cyber risk management.
5G is the fifth generation of cellular technology to provide broadband access and must be based on a standard that increases the speed and volume of information of wireless networks; to achieve this, it is founded on a set of microprocessors with antennas that quickly send packets of information between them. It is estimated that by 2030 there will be 500 billion devices connected to a wireless network[1] – about 66 for every inhabitant on Earth today.
"By the time 5G is introduced in Mexico, several aspects of cybersecurity will have to be considered; Initially, the operator of the services must take care of the authentication of the devices and everything that connects to IoT, under the understanding that 5G will be defined by software and its functions will be virtualized, that is, they will work in a simulated computer environment, instead of a physical environment. This will facilitate the creation of an environment that is known as 'fog computer' made up of many clouds, which will surely make it more difficult to authenticate the devices," explained Julia Urbina-Pineda.
In this new environment we will see that the 5G network, in addition to enabling the interconnection of devices of more common use and even presenting the option of operating vehicles autonomously, will facilitate the conditions for the IoT to be used in the industrial sector. "In addition, the developments and applications of augmented reality will be increased, which by the way are in the testing phase in other parts of the world. At this stage, we consider that the potential security problem will arise during the sending and receiving of data, that is, during the linking phase; the protection of data and information in this part corresponds to both the user and the operator," explained the specialist.
Another factor of care is related to the storage of the data that will be generated in greater quantity than at present, "and that is why you have to foresee how the files are going to be saved. That is, industrial IoT is going to produce a large mass of information, but where is it going to be kept? This decision corresponds to the user, who must worry about an adequate management of the applications and the necessary hardware, in addition to installing protection at the end point and perimeter level".
In the words of Julia Urbina-Pineda, there is another factor that must also be considered: application development. "In this sense, the potential danger lies in the fact that software programmers generally do not consider the issue of security; they only create the code to be loaded into the hardware and don't care about protection details. This will surely continue to happen in applications for the industrial IoT, and by the growth of the use of the cloud, which, in its free mode increases the risk of cyber attacks; it is a point that cannot be neglected."
In that sense, Urbina-Pineda recommends that companies make an effort to hire a private network, since they offer a more robust infrastructure and increase the level of protection. "Of course, you can use public clouds, but you have to understand the inherent risks. Therefore, it is better to invest in service providers that offer better security conditions for IoT in the 5G network and cloud environment; it may be that at first it is a bit expensive, but also in the medium term benefits are received."
Finally, the cybersecurity specialist highlighted the relevance of the responsibility that the user must assume to reduce the risks of attacks. "It is true that protection starts from the provider, but the user has to take responsibility and improve their security practices, even from the choice of stronger passwords. Therefore, we invite all cybersecurity specialists, and users, to join us at Infosecurity Mexico, since there we will exchange knowledge, publicize best practices and learn about success stories that help us reduce the risk of attacks by hackers. "
Article provided by Infosecurity Mexico 2020 (September 22 and 23).
